SSL Modification
================
Changes:
- Added new Annotation class "net.sourceforge.stripes.action.Secure"
- Added new Method "encodeUrl(String url)" to StripesTagSupport
- Added new classes in util:
  - net.sourceforge.stripes.util.UrlParser
  - net.sourceforge.stripes.util.HttpUrlInfo
- Removed obsolete HttpServletResponse from the import statements in
  - LinkTagSupport
  - FormTag
- Refactored the buildUrl method in LinkTagSupport and moved the contextPath handling to the new encodeUrl() method in StripesTagSupport
Usage:
- Configure SSL Host/port and Non SSL Host/Port within your web.xml:
    SSL.SecureHost     localhost:8443
    SSL.UnsecureHost   localhost:8080
    SSL.SessionMode    never | always | auto
  SessionMode specifies how session ids are handled:
  - never => when the URL is rewritten, any jsessionid present is stripped from the URL,
    even if the container relies on URL rewriting to keep track of sessions.
    This leads to two separate sessions, one for the secure requests and one for the insecure requests.
    never is the default SessionMode since it is the most secure one.
  - always => the session id is always added to the URL, even if the container uses cookies to
    keep track of sessions. This effectively leads to the same session being shared by secure and
    unsecure pages. While this is the most convenient way, it is also insecure, since the sessions can
    be hijacked.
  - auto => if a session id is present in the original URL, it is kept.
- Mark your ActionBeans that should be SSL protected with the new @Secure Annotation.
That's it. The Stripes link, url and form tags check whether the destination ActionBean is marked as Secure.
If the target ActionBean is marked as Secure and the current URL is not secure, the URL is rewritten automatically.
The same applies to links to non-secure ActionBeans referenced from secure pages.
! All modifications are marked with comments "BEGIN SSL MOD"/"END SSL MOD" !
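
How the three SessionMode values described above change a rewritten URL, as an added Java example that is not the patch's own code. The class SessionModeDemo, the method rewrite and its parameters are hypothetical, and the URLs and session id are constructed sample values.

```java
import java.util.regex.Pattern;

// Added illustration only: class, method and parameter names are hypothetical,
// not taken from the patch. URLs and the session id are constructed samples.
public class SessionModeDemo {
    enum SessionMode { NEVER, ALWAYS, AUTO }

    // Containers that rewrite URLs carry the id as a path parameter:
    //   /path;jsessionid=ID?query#fragment
    private static final Pattern JSESSIONID =
            Pattern.compile(";jsessionid=[^;?#]*", Pattern.CASE_INSENSITIVE);

    /** Applies the SessionMode rule to a context-relative URL and makes it absolute. */
    static String rewrite(String url, boolean targetSecure, SessionMode mode, String sessionId) {
        boolean hasId = JSESSIONID.matcher(url).find();
        String path = url;
        switch (mode) {
            case NEVER:   // always strip: secure and unsecure requests get separate sessions
                path = JSESSIONID.matcher(url).replaceAll("");
                break;
            case ALWAYS:  // id always present: it travels in the URL, also over plain HTTP
                if (!hasId) {
                    int cut = url.length();
                    for (char c : new char[] {'?', '#'}) {
                        int i = url.indexOf(c);
                        if (i >= 0 && i < cut) cut = i;
                    }
                    path = url.substring(0, cut) + ";jsessionid=" + sessionId + url.substring(cut);
                }
                break;
            case AUTO:    // keep the id only if the original URL already had one
                break;
        }
        // Host values are the SSL.SecureHost / SSL.UnsecureHost samples from the usage notes.
        return (targetSecure ? "https://localhost:8443" : "http://localhost:8080") + path;
    }

    public static void main(String[] args) {
        String withId = "/shop/Checkout.action;jsessionid=A1B2C3?item=7";  // constructed
        String noId = "/shop/Catalog.action?page=2";                       // constructed
        for (SessionMode mode : SessionMode.values()) {
            System.out.println(mode + " secure   <- " + rewrite(withId, true, mode, "A1B2C3"));
            System.out.println(mode + " unsecure <- " + rewrite(noId, false, mode, "A1B2C3"));
        }
    }
}
```

In the ALWAYS output the session id appears in the http:// URL as well, which is the exposure the SessionMode notes describe.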
Optionally exclude special parameters on link/url tag:
======================================================
Changes:
- Added new attribute to LinkTagSupport "excludeSpecialParams"
- Added new attribute to the stripes.tld as well for link and url tag
- Modified the buildUrl() method in LinkTagSupport to check the new attribute
Usage:
In order to prevent stripes from adding the source page parameter, add to your tag
! All modifications are marked with comments "BEGIN SOURCE PAGE MOD"/"END SOURCE PAGE MOD" !